Regulation of Personal Information Sally Brierley & Emma Harvey

Definition of Personal Personal Information Information relating to living individuals who can be identified from the information. Examples: Names Addresses Opinions… Sensitive Personal Information Examples: Racial or Ethnic origin Political or Religious beliefs Trade Union Membership Physical or mental health Sexual life Commission or alleged commission of an offence (and proceedings relating to such commission).

Data Protection Act “United Kingdom Act of Parliament which defines UK law on the processing of data on identifiable living people”. “In practice it provides a way for individuals to control information about themselves” Not applicable to domestic use (i.e. Keeping a personal phonebook)

Freedom of Information Act 2000 The Freedom of Information Act gives an individual the right to obtain information held by public authorities unless there are good reasons to keep it confidential.

Privacy and Electronic Communications (EC Directive) Regulations 2003 The Privacy and Electronic Communications (EC Directive) Regulations 2003 is a law in the United Kingdom which made it unlawful to, amongst other things, transmit an automated recorded message for direct marketing purposes via a telephone, without prior consent of the subscriber.United Kingdom This is somewhat similar to the US Do not call registry. However, it includes all electronic communications such as or SMS mobile phone messages.Do not call

BT End Users when working as part of BT Retail, staff members end up speaking to end users about their telephone lines – there is specific criteria required when speaking to someone about their line to ensure that they are who they say they are and that you’re allowed to discuss this information with them. Commonly there is a security procedure where specific questions will be asked; such as account names and security questions which have individual answers. When working as part of Openreach (field) it is important that engineers be wary of differentiating end users to specific customers – meaning they do not share any information about other phone lines in the area etc.

BT Service Providers (Our customers) When working as part of Openreach it is important to realise that there are different customers calling in who cannot be given another customers information – similar to the Retail LoB there are specific security questions that can be asked…

BT Customers (Service Providers) When working as part of Openreach our customers are Service Providers. We need to ensure that our customers privacy is kept secure and that we aren’t giving away personally identifiable information about our customers to people without permission to access this information. We also have a responsibility as a reputable company to ensure that we keep third party information secure – for example if a neighbour owns a lot of land with BT equipment on it and refuses access to BT to work on that equipment we can’t release the information to our customers about who refused us access.

BT and Data Protection Employees Personal Information – home address / contact information etc. Confidential Information – illness / reason for absence … confidential conversations about performance etc.

Privacy All providers have a privacy policy. Yahoo!, for example, scans s and IMs to advertise “personally relevant experiences”. All other large providers do the same thing. If they can scan your s to identify spam and target you for adverts, can they use this information in other ways? Yahoo! states in it’s security policy that it takes reasonable steps to protect your information. Is this enough?

Internet Privacy Search engines can record your searches Google, for example, records all search history and if you have entered personal information this can be traced. They use this information to customise and personalise search results. You can opt out of this. Should it be an opt in service? Should service providers be allowed to trace your search history? If your computer is hacked, can access to this history be compromised?

Privacy and Surveillance The Regulation of Investigatory Powers Act 2000 (RIPA) is the legislation that governs surveillance of your communications, s, phone calls. It was introduced to take into account the growth of the internet and stronger encryption.

Targeted Advertising Should companies be allowed to use your personal information to target advertising to you? In relation to the internet, this can be classed as unsolicited advertising, as the user did not request to be targeted. – Google AdWords – Yahoo! Search Marketing – Microsoft adCenter

iPhone Location Information In April 2011 it was revealed that the Apple iPhone saves details of locations into a file on the phone. The file contains the latitude and longitude of the phone's recorded coordinates along with a timestamp, meaning that anyone who stole the phone or the computer could discover details about the owner's movements using a simple program. It was found that Apple had no use for this information and there was no reason for it being stored. The latest news is that Microsoft is being sued for tracking the location of it’s users, even after customers have turned the software off. “Explicit permission” Normal phones record location information but this is only available to the police under the Regulation of Investigatory Power Act.

Sources ?src=related_normal&rel=